←back to thread

Ruby Central's Attack on RubyGems [pdf]

(pup-e.com)
659 points jolux | 3 comments | 19 Sep 25 08:09 UTC | HN request time: 0.658s | source
Show context
thomascountz ◴[19 Sep 25 14:09 UTC] No.45301861[source]
An update from Ruby Central: Strengthening the Stewardship of RubyGems and Bundler

https://rubycentral.org/news/strengthening-the-stewardship-o...

replies(13): >>45301914 #>>45301919 #>>45301946 #>>45302039 #>>45302069 #>>45302082 #>>45302089 #>>45302099 #>>45302120 #>>45302227 #>>45302468 #>>45305713 #>>45308969 #
TehCorwiz ◴[19 Sep 25 19:48 UTC] No.45305713[source]
> Moving forward, only engineers employed or contracted by Ruby Central will hold administrative permissions to the RubyGems.org service.

Several of the people removed are employees or contractors of Ruby Central. This doesn't pass the smell test. Not to mention it's post-facto in that they did all of this before notifying anyone.

replies(1): >>45305871 #
1. byroot ◴[19 Sep 25 20:01 UTC] No.45305871[source]
> Several of the people removed are employees or contractors of Ruby Central.

Who?

> Not to mention it's post-facto in that they did all of this before notifying anyone.

Isn't that pretty much the number one rule when restricting accesses? First remove accesses, then communicate?

replies(1): >>45306633 #
2. TehCorwiz ◴[19 Sep 25 21:08 UTC] No.45306633[source]
At least Ellen Dash. The author of the pdf the post links to.
replies(1): >>45306793 #
3. byroot ◴[19 Sep 25 21:22 UTC] No.45306793[source]
They haven't been contracted by Ruby Central since May by their own account: https://bsky.app/profile/duckinator.bsky.social/post/3lz7lec...

The other people I know who had their accesses removed have resigned from RC a while ago, and the one I still see with access on https://rubygems.org/gems/bundler are people I know are currently employed or contractors.

As far as I can tell, this part of the Ruby Central statement seems to check out. Now you can of course debate whether commit rights should be limited to employees, but have have no indication that they lied here.